package com.bear.sgg.springboot_13_security.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;

/**
 * @ClassNmae AuthProviderConfig
 * @Description 配置spring boot security的认证
 * @Author bear
 * @Date 2020/3/18 0018 下午 3:28
 */
@Configuration
public class AuthProviderConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //定值请求授权规则
        http.authorizeRequests()
                //允许所有人访问
                .antMatchers("/").permitAll()
                //允许特定角色访问
                .antMatchers("/level1/**").hasRole("VIP1")
                .antMatchers("/level2/**").hasRole("VIP2")
                .antMatchers("/level3/**").hasRole("VIP3");
        http.formLogin();
    }


}
